Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
243371	9.3	危険	LEAD Technologies, Inc.	-	LEAD Technologies の LeadTools におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-2827	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

243372	7.5	危険	madirish webmail	-	Madirish Webmail の lib/addressbook.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2826	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

243373	6.8	警告	ht editor	-	HT Editor におけるバッファオーバーフローの脆弱性	-	CVE-2007-2823	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

243374	7.5	危険	ksign	-	AxKSignSWAT.dll におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2820	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

243375	7.5	危険	ol bookmarks	-	ol'bookmarks の read/index.php における SQL インジェクションの脆弱性	-	CVE-2007-2817	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

243376	7.5	危険	ol bookmarks	-	ol'bookmarks における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2816	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

243377	10	危険	マイクロソフト	-	Microsoft IIS Web Server の webhits.dll における非公開 Web ディレクトリへアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-2815	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

243378	7.5	危険	pegasus	-	Pegasus ImagN' ActiveX control におけるスタックベースのバッファーオーバーフローの脆弱性	-	CVE-2007-2814	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

243379	4.3	警告	hlstats	-	HLstats の hlstats.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2812	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

243380	9.3	危険	Opera Software ASA	-	Windows 用の Opera の転送管理におけるバッファオーバーフローの脆弱性	-	CVE-2007-2809	2012-09-25 16:47	2007-05-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2061	-		-	-	radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the `radvdump` utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When process…	CWE-121 Stack-based Buffer Overflow	CVE-2026-48715	2026-06-24 01:04	2026-06-20	Show	GitHub Exploit DB Packet Storm

2062	7.5	HIGH Network	-	-	Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20.6.2, Quarkus HTTP path-based authorization policies …	CWE-287 CWE-863 Improper Authentication Incorrect Authorization	CVE-2026-50559	2026-06-24 01:04	2026-06-20	Show	GitHub Exploit DB Packet Storm

2063	3.1	LOW Network	-	-	React Router is a router for React. From 7.12.0 until 7.15.1, certain CSRF checks in React Router v7 Framework Mode were insufficient and run on POST requests, but were bypassed on PUT/PATCH/DELETE r…	CWE-352 Origin Validation Error	CVE-2026-53663	2026-06-24 01:04	2026-06-23	Show	GitHub Exploit DB Packet Storm

2064	7.1	HIGH Network	-	-	libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds array write in `decoder_context::process_reference_pi…	CWE-787 Out-of-bounds Write	CVE-2026-49295	2026-06-24 01:00	2026-06-20	Show	GitHub Exploit DB Packet Storm

2065	7.1	HIGH Network	-	-	libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow i…	CWE-190 Integer Overflow or Wraparound	CVE-2026-49346	2026-06-24 01:00	2026-06-20	Show	GitHub Exploit DB Packet Storm

2066	8.7	HIGH Network	-	-	nanobot is a personal AI assistant. In versions 0.1.5.post3 and prior, the WhatsApp bridge in bridge/src/whatsapp.ts constructs a filesystem path using the fileName field from an incoming WhatsApp do…	CWE-22 Path Traversal	CVE-2026-48716	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm

2067	-		-	-	OneDev is a Git server with CI/CD, kanban, and packages. In versions 15.0.6 and below, TarUtils.untar() creates symbolic links verbatim from TAR entry getLinkName() without validating whether the tar…	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-49248	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm

2068	9.9	CRITICAL Network	-	-	deepstream is a server that allows clients and backend services to sync data, send messages and make rpcs at scale. Versions prior to 10.0.5 are vulnerable to Prototype Pollution. Exploitation can l…	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-49252	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm

2069	9.1	CRITICAL Network	-	-	Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verifie…	CWE-287 CWE-347 Improper Authentication Improper Verification of Cryptographic Signature	CVE-2026-49454	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm

2070	-		-	-	Line Desktop MCP is a project that, while unaffiliated with the official line-bot-mcp-server, allows users to directly operate the LINE Desktop application on Windows or Mac via MCP. `line-desktop-mc…	CWE-306 CWE-862 Missing Authentication for Critical Function Missing Authorization	CVE-2026-49357	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm